Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you are wondering whether your firm needs network detection and response (NDR), ask yourself this question: How often did your team come into the office in the last week? Probably more than they did last year, but almost certainly daily. This is what work now looks like for most people. And if this describes your organisation, you need an extra layer of defence inside your network perimeter. To see why, just look at what has happened to the network perimeter itself.

In the face of a looming recession, companies are hunting for ways to reduce costs and increase efficiency. The pressure is particularly felt by IT departments. In addition to reducing technology costs and investing as little as possible, they must adapt quickly to evolving user needs. Several reasons have led companies to cut costs recently: Your IT department can be prepared for whatever comes next by selecting the right set of tools based on your needs.

Organizations are increasingly being held liable for breaches of employee data. But employers can take steps to mitigate the likelihood and impact of breaches. Any organization using an electronic payroll and benefits system stores and processes sensitive employee data — which covers just about every organization in operation today. There are many risks related to a cyberattack that compromises employee data, including legal liability, business interruption and reputational damage.

CrowdStrike is defining the future of cloud-native application protection platforms (CNAPP) with CrowdStrike Falcon® Cloud Security. As the industry’s most comprehensive agent-based and agentless cloud security platform, we stop cloud breaches. The 2023 Gartner® Market Guide for CNAPP shares that there are multiple CNAPP offerings in the market that meet the core requirements mentioned in the report. Vendors of these offerings are listed in the report as 26 Representative Vendors.

The need for strong identity security protocols for humans has been a given for years. Your organization likely has multiple layers of controls to ensure that access to sensitive assets is limited to those that need it. But a certain large, global (well…multi-global) organization that comes to mind on this May the Fourth also had layers of human identity controls that adhered to the principles of least privilege.

World Password Day falls on May the 4th this year, or “May the 4th Be With You!” for those who recognize this date as the annual celebration of Star Wars Day. For the 2023 observance of the latter, fans around the world (including myself) will rejoice as Carrie Fisher (aka “Princess Leia”) is honored with a posthumous star on the Hollywood Walk of Fame.

The most common route for malware infections remains social engineering in its various forms: phishing, vishing, etc. Such approaches take advantage of users’ deliberately cultivated willingness to trust communications they receive and to follow the instructions and links such malicious communications carry.

Walmart’s rise to become the brand most likely to be impersonated in Q1 of this year is a real problem. If you’ve been paying attention to brand impersonation in phishing attacks, you know the premise is to use a brand that a large number of potential victims do business with as a means of both establishing credibility. For many quarters, we continually saw Microsoft and/or Microsoft 365 as the brand of choice due to its wide use.

March saw a huge jump in ransomware compared to January and February, signifying that organizations should expect to see a lot more of these attacks this year. With security solutions getting good at spotting and stopping malware on endpoints and servers, you’d think that ransomware attacks would be dwindling. But, according to the NCC Group’s Cyber Threat Report for March 2023, it feels a lot more like 2023 is going to be a repeat of 2022, but at significantly higher attack levels.